Sometimes risk analysis can result in paralysis. Finding your risk tolerance and applying it to specific situations requires a nuanced approach.
I am always wary of anyone who tells me categorical rules – e.g. we do not do business in Russia because it is too risky. In this era of oversimplification, such statements border on intellectual dishonesty.
A careful approach to risk analysis always involves a cost benefit framework. Compliance is not a function that is dedicated to identifying risk and avoiding all potential risks. Compliance is part of an overall cost benefit risk analysis.
As a perfect example of what not to do in managing risks, many of the major banks have adopted a categorical approach to risk and declined to do business with money service businesses (“MSBs”). A categorical approach may seem justified based on risk tolerance but it represents a simplistic answer to an otherwise complex issue. To put it another way, it represents lazy compliance thinking.
In the last few years, banks have been accused of terminating all of MSBs as customers, claiming that the risk was too high to engage these businesses. In response, FinCEN issued an order reminding banks not to engage in de-risking by eliminating an entire category of customers.
MSBs including money transmitters that provide critical global remittance services. In addition MSBs provide check cashing, stored value cards, money transfers, money orders and other important services. Many of their customers cannot afford higher cost banking services and rely on MSBs as an alternative. MSBs play an important role in the global economy.
As an excuse, many banks will claim they turn down MSBs because the MSB lacks an adequate ethics and compliance program. While that may be true in some cases, there are a number of major MSBs that are firmly committed to ethics and compliance. MSBs know they are on the enforcement radar screen and they know that compliance is critical. MSBs’ efforts in this area need to continue and industry support should be provided to promote and sustain compliance programs.
As a “financial institution,” MSBs are required to comply with Bank Secrecy Act laws and regulations. FinCEN has provided extensive guidance in this area to MSBs so that they have a clear roadmap for compliance programs. Every MSB should follow this roadmap, and you can expect that any banking institution will review a compliance program within this well-established framework.
Many MSBs have comprehensive compliance programs and are far less risky than some other financial institutions. When reviewing an MSB as a potential customer, a bank should fairly evaluate the risk and not employ a categorical approach. Depending on the customer and product mix, the geographic areas of operation, and the MSBs overall set of compliance controls, a bank would be foolhardy to turn down an MSB as a new customer. Banking due diligence requires a careful analysis of the customer’s risks and now some wholesale – just say no – solution.
MSBs need to promote a positive message of compliance. As a result, MSBs need to enhance their compliance programs, conduct comprehensive risk assessments, and ensure proper attention to AML and terrorist financing risks. As an industry, it is critical to get the message across to lawmakers and regulators that MSBs are committed to compliance initiatives and new approaches to ensure compliance. It is an important campaign to ensure the vitality of an important industry.
This article was originally published on Corruption, Crime & Compliance. It is reposted here with permission.